Michael Howard 5 Nov 19 10 min read

How to grow a thriving AML/CFT compliance culture

With New Zealand’s AML/CFT legislation recently passing its tenth anniversary, our three local supervisors embarked on a major change of tack – moving their focus from pure education to include enforcement of anti-money laundering compliance (or the lack thereof). Should this be a cause for concern for businesses who fall under the legislation’s remit? Yes and no.

If you’re committed to and are proactively taking steps to improve your AML compliance, then you do not need to worry. If you’re not taking such steps, then be prepared to have either the RBNZ, FMA, or DIA knock on your door.

Regardless of which industry you operate in, viewing AML compliance from a culture perspective is a superb way to embed a positive, continual improvement mindset from the wider business. It will also help ensure supervisors remain satisfied with your level of compliance.

So how can you instil a hunger for AML/CFT compliance and grow a positive culture surrounding it? Here are some ideas:


Great cultures begin from the top and are forged from within

Like many successful business endeavours, changes start at a governance level and are adopted and driven by operations. So boards and leadership teams must be completely invested into their AML compliance programmes, as the ultimate responsibility and consequences of compliance failure fall to them.

Once this buy-in has occurred, the other efforts to create a supportive compliance culture can take place with greater effectiveness.


How to support your AML Compliance Officer and ‘buy’ their loyalty

When you consider the global skills shortage surrounding AML compliance officers, it’s surprising how ‘lonely’ and marginalised many AML compliance officers are. One would assume businesses are doing all they can to stem the high staff turnover that has resulted from this.

As AML compliance officers (COs) play such a huge role in stopping financial crime and keeping supervisors satiated, businesses need to do much more to understand, support, and appreciate them. And a great way they can do this is to approach AML compliance like leading businesses do customer experience. This includes but is not limited to:

  • Ensuring AML compliance is bought into by the whole business – from the board to the frontline. Support needs to be visibly championed throughout the business.
  • Understanding the ever-changing needs and demands that COs face is a life-long endeavour. This encompasses new trends and threats and technologies and regulations that impact a business’s compliance programme.
  • Iteratively improving the tools and processes COs need to be effective in achieving positive AML outcomes. This often requires regular rule reviews, plus consultation with other areas of the business.
  • Working with supervisors and authorities to provide COs with as much feedback as possible. COs very rarely see the results of their SARs, i.e. did it lead to prosecution? Knowing that their work makes a difference is a fantastic motivator.
  • Like any employee, a little recognition goes a long way, but don’t stop at a little. Make sure COs are appreciated, and wins are celebrated. It might sound odd to celebrate spotting a money launderer, but not when you consider the potential harm and loss your business has prevented.

One final outcome of adopting a customer experience mindset with AML compliance is that it will put you on much better footing with your supervisor, as you’re demonstrating (not telling) that you’re taking proactive steps to identify and prevent financial crime.


Don’t throw bodies at AML, invest in the right people

So New Zealand’s supervisors are stepping up their efforts to enforce our nation’s anti-money laundering efforts. But does this mean businesses should just throw more and more people at their compliance efforts? No. And not just because of the skills shortage in this sector.

The primary reason you can’t simply hire people to this role is that it’s incredibly varied - from risk assessment to conflict management, data analysis to communication, problem-solving to stakeholder management. What’s more, COs need to be senior enough to have a clear understanding of the current and future criminal typologies relevant to the business, as this will affect the rules required to identify suspicious behaviour.

While AML compliance officers typically come from either a law or an operations background, it’s possible to take on this responsibility with expertise from other career paths. But one warning repeatedly offered by the FMA, DIA, and RBNZ alike is that in no shape or form should a receptionist be appointed as your AML compliance officer (unless that receptionist holds a seat at the decision-making table).

If fulfilling your compliance obligations is the priority it should be in your business, then choosing and training the appropriate people for this regulatory role is vital.


Making compliance easy with tech

The last piece of the puzzle for growing your AML compliance culture is to employ the tools that make it easy. AML software can be broken up into four different areas. Depending on how your business operates and what your relevant criminal typologies are will determine which facets of AML software you should focus on. It’s worth noting that there’s not necessarily an economically-viable, one-size-fits-all solution out there, as you may only need automation in one or two areas. Here’s an overview of what’s involved:

KYC software 
Knowing your customer is all about going to lengths to understand customers’ conduct, to identify whether or not they are exhibiting criminal behaviour. Blockchain is increasingly being used in this space to ratify the identities of people online. Increasingly, this includes biometric identity verification.

Watchlist screening 
Screening customers against in-house and global watchlists is an essential step in identifying politically exposed people who present a potential source of risk to a business. Global watchlists include the likes of World-Check and Dow Jones.

Transaction monitoring
Previously, detecting suspicious transactions was comparable to finding needles in haystacks – whether through physical cash or online transactions. But now, thanks to AI and machine learning, it’s possible to use automated technology to identify transactions that fall outside the behavioural patterns of your customers, plus reduce false positives. Compliance officers can then focus more time on reviewing rules, monitoring typographies, and submitting reports. While there is a rare number who enjoy creating macros and can use Microsoft 365 to monitor transactions, there are products like Jade ThirdEye that can do this for you.

Compliance reporting
Show don’t tell. With the right levels of automation, compliance reports can be prepared easily and with far greater detail. And what’s more, many AML software providers that automate watchlist screening or transaction monitoring also facilitate reporting.

As you can see and have no doubt experienced, it ‘takes a village’ to raise a healthy AML compliance culture in your business. With small steps, it’s entirely possible to turn around the thinking and attitudes towards AML compliance before supervisors come down hard on your business. They’re there to ultimately help, and so are we.

So if there’s anything you would like to discuss, or you need assistance in understanding what kind of automated AML solution could be a good fit for your business, please reach out to us through the form below.



Ready for a demo?